Hi Everyone
I have a question about how the controller is supposed to work. I have a route10 connected to my ISP. I have a firewall and then an wifi router. My controller is connected the last wifi router. My route10 isn’t talking to the controller (assuming that how it supposed to work) . I can ssh into the controller and curl to the route10 just fine (Which is the way I hoped this could work) Can I configure my controller and manually point it to the ip address of the route10? I did that in the GUI with a manual device add , but that is not working
Here’s a link to setup instructions, if you haven’t already seen it before:
https://help.alta.inc/hc/en-us/articles/30485333780507-Setting-Up-Control
For a first time setup you might need to connect it directly to the Route 10 without any intermediate switches or other firewalls. Possibly, firmwares needs to be up to date as well as the Route 10 being removed from any previous Cloud controller setup.
1 Like
There is also a field for the controller address in the Route10 setup wizard, accessible when the device is in factory default state.
1 Like
After a few days of working / fighting with it, I’ve come to the conclusion that the controller seems to only work when plugged into the route 10. I was trying route-to and redirect rules on my openbsd firewall and asus routers . I could see “Setup new router” in the Alta app but the configuration never completed. I understand that the main port that is used is 443, but your internet connection has to be up in order to receive that information from dynamic dns. So it seems like something should be in front of the route to in order to maintain an internet connection when your setting this up. My process was
- Setup the route10 inside manage.alta.inc cloud such that the internet connection is now up
- cable the controller into a POE port on the route10 and follow the attached instructions for setting up the controller
- receive information from alta labs for local.XXXXXXXXXX.ddns etc (internet connection must be up) via email, which will point the private ip address of the controller. (I would be interested in a process to move the controller afterwards)
- Delete route10 from manage.alta.inc
- Use an ipad or tablet that is also plugged into the route10 with the alta app installed, switch to local controller and type in the local.XXXXXXXXXX.ddns etc address provided in the app and in email
- switch to local controller and to discover the unmanaged route10.
Is it ok to setup the controller first (just let the route10 blink red) and get the DDNS url of the controller before setting up the route10? That would save some time. Anyway a process document on how to integrate these seems like a good idea. The docs seem to be centered around setting up individual appliances.
1 Like
OOOh I was able to add an Alta-S8POE that was behind my firewalls, to my controller connected to the Route10. The trick is the ipad that was discovering the new device had to be plugged into the route10. I’m assuming this is a DNS issue where some records are only available on the Alta Inc DNS servers and not on Google , CloudFlare etc. Now I’m tempted to start over and see if I can delete all the devices in that controller and move the controller behind the firewalls .
On openbsd pf I added.
-
pass in on egress inet proto tcp from $controller port 443 to $s8poe port 443 route-to $asus modulate state
-
So the variable point to the 192.168.X.X address of the controller , s8poe and the asus router
-
On asus router enable port forwarding and add a redirect rule under WAN → virtual Server /Port Forwarding foward 443 source ip of controller to ip of the s8poe
-
set dns server of Alta devices to be the route to ( in my case 192.168.1.1) in the DHCP properties
So I did this for testing , I got the device to add fully and then the device shows as disconnected 
Going to move controller behind firewalls. Sorry , Ive had my identity stolen before so I take security to paranoia level of seriousness
1 Like